tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
netfilter: nf_tables: fix error path in the init functions
We have to unregister chain type if this fails to register netns.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+21
-3
+7
-1
net/ipv4/netfilter/nf_tables_ipv4.c
+7
-1
net/ipv4/netfilter/nf_tables_ipv4.c
···
105
105
106
106
static int __init nf_tables_ipv4_init(void)
107
107
{
108
+
int ret;
109
+
108
110
nft_register_chain_type(&filter_ipv4);
109
-
return register_pernet_subsys(&nf_tables_ipv4_net_ops);
111
+
ret = register_pernet_subsys(&nf_tables_ipv4_net_ops);
112
+
if (ret < 0)
113
+
nft_unregister_chain_type(&filter_ipv4);
114
+
115
+
return ret;
110
116
}
111
117
112
118
static void __exit nf_tables_ipv4_exit(void)
+7
-1
net/ipv6/netfilter/nf_tables_ipv6.c
+7
-1
net/ipv6/netfilter/nf_tables_ipv6.c
···
104
104
105
105
static int __init nf_tables_ipv6_init(void)
106
106
{
107
+
int ret;
108
+
107
109
nft_register_chain_type(&filter_ipv6);
108
-
return register_pernet_subsys(&nf_tables_ipv6_net_ops);
110
+
ret = register_pernet_subsys(&nf_tables_ipv6_net_ops);
111
+
if (ret < 0)
112
+
nft_unregister_chain_type(&filter_ipv6);
113
+
114
+
return ret;
109
115
}
110
116
111
117
static void __exit nf_tables_ipv6_exit(void)
+7
-1
net/netfilter/nf_tables_inet.c
+7
-1
net/netfilter/nf_tables_inet.c
···
80
80
81
81
static int __init nf_tables_inet_init(void)
82
82
{
83
+
int ret;
84
+
83
85
nft_register_chain_type(&filter_inet);
84
-
return register_pernet_subsys(&nf_tables_inet_net_ops);
86
+
ret = register_pernet_subsys(&nf_tables_inet_net_ops);
87
+
if (ret < 0)
88
+
nft_unregister_chain_type(&filter_inet);
89
+
90
+
return ret;
85
91
}
86
92
87
93
static void __exit nf_tables_inet_exit(void)